Cybersecurity and Infrastructure Security Agency

In order to assist critical infrastructure organizations in thwarting ransomware gang attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new information detailing security flaws and configuration errors that ransomware gangs have exploited.

This information was made public by CISA as part of the Ransomware Vulnerability Warning Pilot (RVWP) program, and said that it would notify critical infrastructure organizations of any ransomware-vulnerable devices found on its network.

Since its launch, CISA's RVWP has found and exchanged information about more than 800 susceptible systems with internet-accessible flaws regularly targeted by various ransomware activities.

The U.S. cybersecurity agency has also released a dedicated website, StopRansomware.gov, which acts as the focal point for CISA's initiative to give defenders all the information they need to anticipate and neutralize ransomware assaults.

Source: https://www.bleepingcomputer.com/news/security/cisa-shares-vulnerabilities-misconfigs-used-by-ransomware-gangs/

"id": "CYB2047151023",
"linkid": "cisagov",
"type": "Ransomware",
"date": "10/2023",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"